These two techniques make it harder to come up with exploits, by reducing
what is commonly called the "attack surface" in security circles: by making
the addresses less predictable, and by making it harder to inject data that
is then (mis-)interpreted as code, this hardens Git's executables on
Windows.
These patches have been carried in Git for Windows for over 3 years, and
should therefore be considered battle-tested.
İsmail Dönmez (2):
mingw: do not let ld strip relocations
mingw: enable DEP and ASLR
config.mak.uname | 8 ++++++++
1 file changed, 8 insertions(+)
base-commit: 39ffebd23b1ef6830bf86043ef0b5c069d9299a9
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-134%2Fdscho%2Faslr-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-134/dscho/aslr-v1
Pull-Request: https://github.com/gitgitgadget/git/pull/134
--
gitgitgadget